elblogg » undring http://blog.elzapp.com blogge v1 (norr bloðga, av *blod) skjære, stikke fisk slik at blodet renner ut, jf *bløgge Wed, 01 Sep 2010 08:41:50 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Mirror http://blog.elzapp.com/2008/04/04/mirror.html http://blog.elzapp.com/2008/04/04/mirror.html#comments Fri, 04 Apr 2008 06:52:46 +0000 elzapp http://blog.elzapp.com/?p=315 Yesterday evening when we where going home after visiting a friend and collegue of mine, we passed by some rubbish bins outside an apartment complex. On the top of these bins there were lying a huge mirror. About 2meters 20cm by 40cm or something. There was, as far as what we could see nothing wrong with it at all, so we took it. I’ve wanted to buy a big mirror for a long time, but mirrors are very expensive. (Thats why it means seven years of bad luck if you break one or throw one away).

But, I cant help but wonder why people would throw away such an expensive piece of furniture.
I guess the best explaination is that someone moved away from one of the apartments without taking the furniture with them, and then the landlord throw away their stuff.

PS: It is not our intention to steal it, so if someone claims it we will give it back.

]]> http://blog.elzapp.com/2008/04/04/mirror.html/feed 0 w00t? http://blog.elzapp.com/2008/03/25/w00t.html http://blog.elzapp.com/2008/03/25/w00t.html#comments Tue, 25 Mar 2008 12:30:34 +0000 elzapp http://blog.elzapp.com/2008/03/25/w00t.html Today I noticed this in my access.log:

?View Code APACHE
67.19.113.154 - - [24/Mar/2008:16:02:10 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
65.111.181.35 - - [24/Mar/2008:20:02:22 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
67.19.113.154 - - [24/Mar/2008:20:15:38 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
67.19.113.154 - - [25/Mar/2008:00:26:37 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
67.19.113.154 - - [25/Mar/2008:04:37:39 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
...
67.19.113.154 - - [25/Mar/2008:08:52:25 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"
67.19.113.154 - - [25/Mar/2008:13:05:07 +0100] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 363 "-" "-"

What goes on here?
All these requests fail, ofcourse, but in addition to the obvious (404), the client also doesnt supply a Host: header for their HTTP/1.1 requests

update

It is safe to assume that this is an attempt to hack me in some way, DFind is appearantly some kind of security scannerref. The same IPs are also bruteforcing some URLs (like /phpmyadmin etc..) looking for somthing fun to poke around with.

]]> http://blog.elzapp.com/2008/03/25/w00t.html/feed 0